Tag: Security Intelligence

Why speed is of the essence in today’s cybersecurity landscape? How are you quickly achieving vulnerability resolution? Identifying vulnerabilities should be part of the daily process within an organization. It’s an important piece of maintaining an organization’s security posture. However,…

Read more →

As careers in cybersecurity become increasingly more specialized, Security Information and Event Management (SIEM) engineers are playing a more prominent role. These professionals are like forensic specialists but are also on the front lines protecting sensitive information from the relentless…

Read more →

Incident response teams are stretched thin, and the threats are only intensifying. But new tools are helping bridge the gap for cybersecurity pros in Latin America. IBM Security X-Force Threat Intelligence Index 2023 found that 12% of the security incidents…

Read more →

Data breaches can occur anywhere in the world, but they are historically more common in specific countries. Typically, countries with high internet usage and digital services are more prone to data breaches. To that end, IBM’s Cost of a Data…

Read more →

In today’s fast-paced digital landscape, there is no shortage of apps and Software-as-a-Service (SaaS) solutions tailored to meet the diverse needs of businesses across different industries. This incredible array of options has revolutionized how we work, providing cost-effective and user-friendly…

Read more →

As organizations continue their digital transformation journey, they need to be able to trust that their digital assets are secure. That’s not easy in today’s environment, as the numbers and sophistication of cyberattacks increase and organizations face challenges from remote…

Read more →

The dual-hat arrangement, where one person leads both the National Security Agency (NSA) and U.S. Cyber Command (Cybercom), has been in place since Cybercom’s creation in 2010. What was once touted as temporary 13 years ago now seems established. Will…

Read more →

Cybersecurity staff at an East Coast financial services company last summer detected unusual activity on its internal Atlassian Confluence page originating inside the company’s network. The MAC address used locally belonged to an employee known to be currently using the…

Read more →

Machine learning operations (MLOps) refers to the practices and tools employed to streamline the deployment, management and monitoring of machine learning models in production environments. While MLOps is commonly associated with data science and machine learning workflows, its integration with…

Read more →

That latest cyberattack threatening your organization is likely coming from outside the corporate network. According to Mandiant’s M-Trends 2023 report, 63% of breaches came from an outside entity — a considerable rise from 47% the year before. When it comes…

Read more →

Imagine running a 911 call center where the switchboard is constantly lit up with incoming calls. The initial question, “What’s your emergency, please?” aims to funnel the event to the right responder for triage and assessment. Over the course of…

Read more →

According to the IBM Cost of a Data Breach Report 2023, the global average cost of a data breach in 2023 was $4.45 million, 15% more than in 2020. In response, 51% of organizations plan to increase cybersecurity spending this…

Read more →

The security industry has always dreamed about an impenetrable internet where threats are neutralized and attackers cannot thrive. Many have tried to conceptualize this theory into reality, but for the time being, it remains a dream. But one company, Dark…

Read more →

While external cyber threats capture headlines, the rise of insider threats from within an organization is a growing concern. In 2023, the average cost of a data breach caused by an insider reached $4.90 million, 9.6% higher than the global…

Read more →

You get off a flight and realize your phone is almost out of battery, which will make getting an Uber at your destination a bit challenging. Then you see it — a public charging station at the next gate like…

Read more →

In early July, the news broke that threat actors in China used a Microsoft security flaw to execute highly targeted and sophisticated espionage against dozens of entities. Victims included the U.S. Commerce Secretary, several U.S. State Department officials and other…

Read more →

In the ever-evolving fraud landscape, fraudsters have shifted their tactics from using third-party devices to on-device fraud. Now, users face the rising threat of fraud involving remote access tools (RATs), while banks and fraud detection vendors struggle with new challenges…

Read more →

Whichever way you look at the data, it is considerably cheaper to use backups to recover from a ransomware attack than to pay the ransom. The median recovery cost for those that use backups is half the cost incurred by…

Read more →

Security information and event management (SIEM) systems remain a key component of security operations centers (SOCs). Security orchestration, automation, and response (SOAR) frameworks, meanwhile, have emerged to fill the gap in these capabilities left by many SIEM systems. But as…

Read more →

Security information and event management (SIEM) is a crucial tool that offers real-time monitoring and analysis of security-related events as well as tracking and logging of security data for compliance or auditing purposes. SIEM plays an important role in identifying…

Read more →

The adoption of hybrid cloud environments driving business operations has become an ever-increasing trend for organizations. The hybrid cloud combines the best of both worlds, offering the flexibility of public cloud services and the security of private on-premises infrastructure. We…

Read more →

It’s no surprise that cyber criminals target high-profile individuals or those with access privilege. Malicious actors often use social engineering and whale phishing attacks against these people to breach systems. But households and family members of company executives may also…

Read more →

In the world of cybercrime, malware plays a prominent role. One such malware, Gozi, emerged in 2006 as Gozi CRM, also known as CRM or Papras. Initially offered as a crime-as-a-service (CaaS) platform called 76Service, Gozi quickly gained notoriety for…

Read more →

Data breaches are becoming more costly across all industries, with healthcare in the lead. The 2023 Cost of a Data Breach Report analyzes data collected from March 2022 to March 2023. Healthcare remains a top target for online criminal groups.…

Read more →

Threat hunting involves looking for threats and adversaries in an organization’s digital infrastructure that existing security tools don’t detect. It is proactively looking for threats in the environment by assuming that the adversary is in the process of compromising the…

Read more →

Ransomware and data leaks are inconvenient and costly. But what about a cyber incident that leads to mass casualties?  The notion of “black swan” events — incidents that are so rare and unusual they cannot be predicted —  is a…

Read more →

Vulnerability management is a security practice designed to avoid events that could potentially harm an organization. It is a regular ongoing process that identifies, assesses, and manages vulnerabilities across all the components of an IT ecosystem. Cybersecurity is one of…

Read more →

In May 2023, the Department of Defense (DoD) released an unclassified fact sheet detailing its latest cyber strategy. This latest update is another indication of the Pentagon’s intent to combat threat actors, coming fast on the heels of the 2022…

Read more →

Backups are an essential part of any solid anti-ransomware strategy. In fact, research shows that the median recovery cost for ransomware victims that used backups is half the cost incurred by those that paid the ransom. But not all data…

Read more →

How AI can help defenders scale detection guidance for enterprise software tools If we look back at mass exploitation events that shook the security industry like Log4j, Atlassian, and Microsoft Exchange when these solutions were actively being exploited by attackers,…

Read more →

Practicality and simplicity: That’s what data security analysts want most from their data protection tools. That’s the essence we gleaned from the Forrester Consulting Total Economic Impact (TEI) study commissioned by IBM for its IBM Security Guardium Data Protection product.…

Read more →

The emergence of Large Language Models (LLMs) is redefining how cybersecurity teams and cybercriminals operate. As security teams leverage the capabilities of generative AI to bring more simplicity and speed into their operations, it’s important we recognize that cybercriminals are…

Read more →

Over the course of my career, I’ve had the privileged opportunity to peek behind the veil of some of the largest organizations in the world. In my experience, most industry verticals rely on enterprise Windows networks. In fact, I can…

Read more →

Cloud computing and IT modernization have created a more complex threat landscape, and security analysts are struggling to keep up. Security operations centers (SOC) are in need of an upgrade. The proliferation of cloud and hybrid environments simply creates more…

Read more →

Today defenders are dealing with both a threat landscape that’s constantly changing and attacks that have stood the test of time. Innovation and best practices co-exist in the criminal world, and one mustn’t distract us from the other. IBM X-Force…

Read more →

Not long ago, the corporate world was enthralled with the promise of digital transformation. But in the midst of the digital revolution, people were paying less attention to security than they probably should have. The business advantages of digital transformation…

Read more →

The security updates released by Microsoft on April 11, 2023, addressed over 90 individual vulnerabilities. Of particular note was CVE-2023-21554, dubbed QueueJumper, a remote code execution vulnerability affecting the Microsoft Message Queueing (MSMQ) service. MSMQ is an optional Windows component…

Read more →

The 2023 Identity Security Threat Landscape Report from CyberArk identified some valuable insights. 2,300 security professionals surveyed responded with some sobering figures: 68% are concerned about insider threats from employee layoffs and churn 99% expect some type of identity compromise…

Read more →

Attack volumes are up, and attackers are finding new ways to compromise corporate security. According to the HackerOne 6th Annual Hacker-Powered Security Report, ethical hackers found 65,000 vulnerabilities in 2022. What’s more, 92% of hackers said they could pinpoint weaknesses…

Read more →

The cybersecurity tools you implement can make a difference in the financial future of your business. According to the 2023 IBM Cost of a Data Breach report, organizations using security AI and automation incurred fewer data breach costs compared to…

Read more →

In its latest research, IBM Security Lab has observed a noticeable increase in campaigns related to malicious Chrome extensions, targeting  Latin America with a focus on financial institutions, booking sites, and instant messaging. This trend is particularly concerning considering Chrome…

Read more →

In December 2022, Norton users were put on high alert after threat actors compromised the security application with a credential-stuffing attack. Norton’s security team locked down about 925,000 accounts after detecting a suspicious flurry of login attempts from Norton Password…

Read more →

Rising risk, long incident remediation times and high security costs — these things keep security professionals up at night. But SIEM can make a positive difference in all three, according to a recent report. Security information and event management (SIEM)…

Read more →

Endpoint protection platform (EPP) and endpoint detection and response (EDR) tools are two security products commonly used to protect endpoint systems from threats. EPP is a comprehensive security solution that provides a range of features to detect and prevent threats…

Read more →

Data breach costs continue to grow, according to new research, reaching a record-high global average of $4.45 million, representing a 15% increase over three years. Costs in the healthcare industry continued to top the charts, as the most expensive industry…

Read more →

As our lives become increasingly digital, threat actors gain even more avenues of attack. With the average person spending about 400 minutes online, many scammers enjoy a heyday. Old impersonation scams continue to deceive people every day, as con artists…

Read more →

Everyone knows that horrible feeling. You’re scrolling through social media when all of a sudden, a photo pops up of your friends hanging out at a cool party you hadn’t even heard about. When it comes to FOMO, or the…

Read more →

This post was made possible through the contributions of Joseph Spero and Thanassis Diogos. In June 2023, IBM Security X-Force responded to an incident where a client had received alerts from their security tooling regarding potential malicious activity originating from…

Read more →

This post was made possible through the contributions of Joseph Spero and Thanassis Diogos. In June 2023, IBM Security X-Force responded to an incident where a client had received alerts from their security tooling regarding potential malicious activity originating from…

Read more →

AI and machine learning (ML) have revolutionized cloud computing, enhancing efficiency, scalability and performance. They contribute to improved operations through predictive analytics, anomaly detection and automation. However, the growing ubiquity and accessibility of AI also expose cloud computing to a…

Read more →

As more organizations rely on the automation and scale that web applications and connected services provide, application programming interface (API) security has become imperative. In just the last year alone, unique attackers targeting customer APIs grew by 400%, proving that…

Read more →

In late April through May 2023, IBM Security X-Force found several phishing emails leading to packed executable files delivering malware we have named BlotchyQuasar, likely developed by a group X-Force tracks as Hive0129. BlotchyQuasar is hardcoded to collect credentials from…

Read more →

In late April through May 2023, IBM Security X-Force found several phishing emails leading to packed executable files delivering malware we have named BlotchyQuasar, likely developed by a group X-Force tracks as Hive0129. BlotchyQuasar is hardcoded to collect credentials from…

Read more →

Hackers stole $4.3 billion worth of cryptocurrency in 2022, making it the worst year on record for crypto fraud. While the government pushes for regulation in the digital coin market, cryptocurrency remains a volatile industry and a risky bet for…

Read more →

In today’s digital age, a tidal wave of information travels across networks from user to user and device to device. Organizations rely on collecting and storing sensitive and personal information to perform business-critical operations, such as collecting credit card payments,…

Read more →

If you ask Jen Easterly, director of CISA, the current cybersecurity woes are largely the result of misaligned incentives. This occurred as the technology industry prioritized speed to market over security, said Easterly at a recent Hack the Capitol event…

Read more →